Air takes security seriously. Achieving SOC 2 compliance in 2021, Air's software and internal systems were audited to ensure adherence to best practices when it comes to the protection of your data.
Air's data is encrypted in transit and at rest (SSL and AES256)
Air conducts annual software penetration tests during which an independent security audit firm (NCC Group) attempts to hack their system and provides feedback on any potential vulnerabilities to resolve
Air uses security monitoring software to notify the business in real time if an incident occurs which might compromise their software
Air backs up all content in multiple regions across their data centers and takes daily snapshots of their database to allow restoration of lost data in the event of a hack or failure
Air's internal teams follow strict policies when accessing customer data, which limits the chance of a data breach
Users can enforce SSO on their workspace to leverage their existing IDP and their account security policies
Air has a robust user permissions system in place to ensure workspace admins are in full control over what their own team can access and do
Learn more about Air's approach to security here: https://air.inc/security